Page 2 of 2
Comodo is one-quarter to one-fifth of certificates on the Internet and removing support for Comodo in the browser would be hugely disruptive operationally in this current system. But the underlying security for it all is just "an illusion," according to Marlinspike. He pointed out, "We've made a decision to trust Comodo forever, regardless of whether they continue to earn that trust."
Marlinspike continued, "What happened to DigiNotar is the kind of thing that happens every day. It was an accident anyone ever noticed. If the hackers hadn't been stupid, no one would have ever noticed."
Marlinspike points out that Convergence is "totally backward compatible" with the current SSL certificate system and the "user experience is exactly the same as now." It's simply in the Convergence model, the notaries you contact tells you if they believe the certificate is valid or not. Through multiple answers to that question, there's an increase in the validation through consensus. Business can keep getting signed certificates if they want, but the validation for them changes according to what the user trusts.
Read more about security in Network World's Security section.
Rss Feed
The Connected Enterprise
You are previewing premium content. 
